#Android #Phone – Millions of brand-new Android phones come with a massive built-in security flaw

Android malware isn’t a thing, the savviest Android users will tell you. And they are partly right. They and users like them will probably never have to deal with Android malware. But then there are reports like this one, which claims that a powerful backdoor program was discovered preinstalled on 3 million Android devices.

Found by security firm BitSight Technologies in the firmware preinstalled on almost three million Android phones, the “backdoor” is vulnerable to attacks that would allow a third party with malicious intentions to gain full control of a device.

The backdoor found in Ragentek firmware “goes out of its way to conceal the presence of the underlying binary file,” Ars Technica reports.

“In this case, the developer added an exception when iterating over the system processes to explicitly skip over the affected binary (‘debugs’), and thus not display it in the returned results,” BitSight researcher Dan Dahlberg told the tech site. “In other words, the programs were modified to pretend this binary did not exist.”

But the firmware’s purpose doesn’t appear to be related to malware. The Ragentek firmware is intended to push legitimate over-the-air updates to the phone, and the backdoor capabilities might be unintentional.

However, the flaw could have been exploited by anyone with knowledge of the matter. All an attacker would have needed to target these devices is control of two internet domains, which are now operated by BitSight.
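
The concealment Dahlberg describes, a process listing that skips ‘debugs’, can be checked for by comparing what a listing tool reports against the per-process directories under /proc. The following is an added example, not code from BitSight or the original report; the PIDs, the sample listing and the function names are constructed for illustration, and it assumes /proc is read by a tool that has not itself been modified.

```python
import os
import tempfile

def read_proc(root="/proc"):
    """Map pid -> process name by reading <root>/<pid>/comm directly."""
    procs = {}
    for entry in os.listdir(root):
        if not entry.isdigit():
            continue  # skip non-process entries such as 'net'
        try:
            with open(os.path.join(root, entry, "comm")) as fh:
                procs[int(entry)] = fh.read().strip()
        except OSError:
            continue  # process exited between listdir() and open()
    return procs

def parse_listing(text):
    """Return the set of PIDs in ps-style output (header row with a PID column)."""
    rows = [line.split() for line in text.splitlines() if line.strip()]
    col = rows[0].index("PID")
    return {int(r[col]) for r in rows[1:] if len(r) > col and r[col].isdigit()}

def hidden_processes(procs, listing_text):
    """Processes present under /proc but absent from the listing tool's output."""
    listed = parse_listing(listing_text)
    return {pid: name for pid, name in procs.items() if pid not in listed}

def build_sample_proc(root):
    """Constructed sample: a fake /proc tree holding three processes."""
    for pid, name in {1: "init", 214: "debugs", 377: "zygote"}.items():
        os.makedirs(os.path.join(root, str(pid)))
        with open(os.path.join(root, str(pid), "comm"), "w") as fh:
            fh.write(name + "\n")
    os.makedirs(os.path.join(root, "net"))  # non-PID entry, must be ignored

# Constructed sample: output of a listing tool that skips 'debugs'.
SAMPLE_PS = """USER PID PPID NAME
root 1 0 init
root 377 1 zygote
"""

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_proc(root)
        print(hidden_processes(read_proc(root), SAMPLE_PS))
```

On a live system the two snapshots are taken at slightly different times, so a short-lived process can show up as a difference; a name that is missing from the listing on every run is the signal worth investigating.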
